Operating System Fingerprint Recognition Using ICMP

  • Jinho Song
  • Yonggun Kim
  • Yoojae WonEmail author
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 536)


The operating system fingerprint is a factor that can help determine a target operating system and version through network scanning. There are two methods of discrimination: Internet Control Message (ICMP) and Transmission Control Protocol (TCP). In this study, we analyzed whether it is possible to categorize the operating system version (e.g., Windows 7, 8.1, 10) in a manner that the operating system can be determined using ICMP. Using ICMP, we could successfully classify the operating systems into Windows and Linux.


ICMP Operating system OS fingerprint Nmap Wireshark Network packets 



This research was supported by the Ministry of Science and ICT (MSIT), Korea, under the Information Technology Research Center (ITRC) support program (IITP-2018-2016-0-00304) supervised by the Institute for Information & Communications Technology Promotion (IITP).


  1. 1.
    Humer, S., Murphy, A.: OS fingerprinting techniques and tools, cryptography and network security. Keene State College, CS-455 (2013)Google Scholar
  2. 2.
    Bellovin, S.M., Leech, M., Taylor, T: ICMP traceback messages (2003)Google Scholar
  3. 3.
    Lamping, U., Sharpe, R., Warnicke, E.: Wireshark User’s Guide for Wireshark 2.1 (2014)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringChungnam National UniversityDaejeonSouth Korea

Personalised recommendations